Any webpage that displays "https" in the address bar (ex. https://www.payjunction.com) is a secure webpage. Upon final checkout, there is no way to "post" or "send" an insecure transaction though our service as we have disabled http to prevent unsecured posts.
If you are using the PayJunction payment button (aka Hosted Payments) and you do not see a secure lock and https in the address bar, it is because the PayJunction checkout process is embedded in an iframe which means half the page is unsecure (your website) and half the page is secure (the PayJunction checkout page). By default, a web browser will never display a secure lock if the web page is in mixed content mode. However, the PayJunction checkout page will always be in https (secure) mode even though it is embedded in an iframe and the https, secure lock is not being displayed.
If you are using the PayJunction API (i.e. 3rd party shopping cart, or custom checkout page), you are responsible for securing your checkout page. You will need to purchase an SSL Certificate. An SSL Certificate can usually be purchased and installed directly by your Web Host. An SSL Certificate will secure your checkout page and will therefore display https in the address bar.
Please contact our Support Department if you have any further questions. We can be reached at firstname.lastname@example.org or 1-800-601-0230 Ext. 3, Mon-Fri, 8am-5pm PST